Microsoft Issues Warning On Russian’s Widespread Credential Theft Attack

Microsoft has announced an increase in credential-stealing attacks conducted by Midnight Blizzard, a Russian state-affiliated hacker group. The group has been utilizing residential proxy services to conceal the origin of the attacks, focusing on governments, IT service providers, NGOs, defense sectors, and critical manufacturing industries. Midnight Blizzard, also known as APT29, Cozy Bear, Iron Hemlock, […]

Microsoft Issues Warning On Russian’s Widespread Credential Theft Attack

Microsoft has announced an increase in credential-stealing attacks conducted by Midnight Blizzard, a Russian state-affiliated hacker group. The group has been utilizing residential proxy services to conceal the origin of the attacks, focusing on governments, IT service providers, NGOs, defense sectors, and critical manufacturing industries. Midnight Blizzard, also known as APT29, Cozy Bear, Iron Hemlock, […]

Challenges Faced by Microsoft Azure Bastion and Container Registry

Discovery showed that Microsoft Azure Bastion and Azure Container Registry have two significant security vulnerabilities that could enable cross-site scripting (XSS) attacks. These vulnerabilities, if exploited, could lead to unauthorized access, data breaches, and disruptions in the affected Azure services. Lidor Ben Shitrit, a researcher from Orca Security, reported the findings. XSS attacks occur when […]

Challenges Faced by Microsoft Azure Bastion and Container Registry

Discovery showed that Microsoft Azure Bastion and Azure Container Registry have two significant security vulnerabilities that could enable cross-site scripting (XSS) attacks. These vulnerabilities, if exploited, could lead to unauthorized access, data breaches, and disruptions in the affected Azure services. Lidor Ben Shitrit, a researcher from Orca Security, reported the findings. XSS attacks occur when […]

Microsoft Uncovers Sophisticated AITM And BEC Attack Targeting Banking And Financial Services

According to a report by Microsoft, a sophisticated multi-stage phishing and business email compromise (BEC) attack is currently targeting banking and financial services organizations. The attack, dubbed Storm-1167, originated from a compromised trusted vendor and involved a series of adversary-in-the-middle (AiTM) attacks and subsequent BEC activity across multiple organizations. What sets this attack apart is […]

Microsoft Uncovers Sophisticated AITM And BEC Attack Targeting Banking And Financial Services

According to a report by Microsoft, a sophisticated multi-stage phishing and business email compromise (BEC) attack is currently targeting banking and financial services organizations. The attack, dubbed Storm-1167, originated from a compromised trusted vendor and involved a series of adversary-in-the-middle (AiTM) attacks and subsequent BEC activity across multiple organizations. What sets this attack apart is […]